Forums | Mahara Community
Difficulty with Azure AD SSO
14 June 2022, 3:01
We've been trying to set up single sign-on using Azure AD for some time without success. We keep getting "non-recoverable error". Our Mahara site is externally hosted. We did get it working on the dev site but not on live. Our host says both are identical and that the issue must be with the inserted IdP and metadata, as whilst the error is saying that it cannot find the metadata, this seems to be a fairly generic error as the data is there; it's just not resolving to the IdP.
Our developer says the metadata was added to live in the same way it was added to the dev site. The metadata for both IdPs is standard SAML2 metadata. The live Mahara site couldn't create an SP certificate and kept losing the password. It didn't preserve the metadata URL of the IdP and it had to be entered twice.
I don't know if this is sufficient information but, if anyone can spot something, I'd be grateful for any hints.
Regards, Marion
14 June 2022, 8:21
Hi Marion,
What's the actual error message in the error log? 'Non-recoverable error' is just a placeholder on production sites so we don't disclose potentially confidential information. Is it that it can't find the metadata?
It's strange that setting things up on the non-production server worked fine and the same steps don't work on production. That suggests that something different was done unless the codebases are not the same or there are permission issues. Have those things been checked?
What do you mean by "it couldn't create an SP certificate"? Did you re-create the key?
Thank you
Kristina
24 June 2022, 23:00
Hello Katrina
My apologies for not responding before now. Unfortunately, our host won't hand over logs so we're at a bit of an impasse. We (our systems developer, fortunately - not me) will keep plugging away ...
Regards
Marion